7 Different Types of Hackers – Black, White, Red & Beyond


Technology has evolved rapidly in the last two decades, bringing about new innovations and tools to help us navigate our tech-driven world. While much technological evolution has resulted in tools that help us work, this digital age also has brought forth different types of hackers. 

Hackers range from the criminal “black hat” to the other end of the spectrum of a white hat hacker who is a security specialist hired to find vulnerabilities in software, hardware and networks that black hats may find and target. Today, the hacker hat rainbow is broadening. 

  1. Black Hat: Criminal Hackers

A black hat hacker is a cybercriminal who breaks into computer systems with malicious or criminal intent. Black hat hackers are probably what you think of when you picture a typical hacker or cybercriminal. Their advanced technical knowledge and ability to navigate the cybersecurity landscape is what makes them so skilled in carrying out their attacks. They go out of their way to find vulnerabilities in computer systems and software, which they exploit for financial gain or other malicious purposes.

They use a range of techniques such as ransomware, fake invoices, DOS attacks (IOT DDOS), dating scams, fake checks, fake escrow intermediaries, Internet of Things (IOT) distributed denial-of-service (DDOS) attacks, and any other scam or hack that will help them wreak havoc and/or steal money from individuals, companies, banks, electronic wallets and trading accounts. 

  1. White Hat Hackers

White hat hackers are the ones who are authorized or certified to ply their dark art for the government and private organizations by performing penetration testing (“pen” testing) and identifying weaknesses and exploits in their network security. They also may ensure protection from malicious cyber crimes and audit the organizational network security and software management protocols. They work under the rules and regulations provided by the government; that’s why they are called Ethical hackers or Cybersecurity experts. White hat hacking techniques include penetration testing and vulnerability assessments.

  1. Gray Hat: “Just for Fun” Hackers

A gray hat hacker is a cybersecurity expert who finds ways to hack into computer networks and systems, but without the malicious intent of a black hat hacker. They are typically not hired for their services, rather they employ them at their own will or will of a group.

Typically, they engage in hacking activities for the pure enjoyment of finding gaps in computer security systems, and they might even let the owner know if any weak points are found. However, they don’t always take the most ethical route when employing their hacking activities – they usually hack without the owner’s permission (even though they aren’t trying to cause any harm).

They may want to demonstrate – to themselves and perhaps an online community—what they can do. There aren’t as many of these as there once were because hacking, whatever the motive, breaks laws and prosecution can be a strong deterrent.

  1. Hacktivists 

Derived from combining the words ‘Hack’ and ‘Activism’, hacktivism is the act of hacking, or breaking into a computer system, for politically or socially motivated purposes. The individual who performs an act of hacktivism is said to be a hacktivist. The hacktivist who performs such acts, such as defacing an organization’s website or leaking that organization’s information, aims to send a message through their activities and gain visibility for a cause they are promoting.

Common targets for hacktivists include government agencies, multinational corporations, or any other entity perceived as ‘bad’ or ‘wrong’ by the hacktivist group or individual. In general, hacker groups aim to question, provoke, and challenge governments, organizations, and companies who go against their moral position.

There are many hacktivist groups worldwide, all working towards different, though sometimes the same, goal of disrupting or exposing the inner workings of government or private organizations in the name of transparency and the public good. The most famous of these types of hacktivist group is that known as ‘Anonymous’. Formed in 2008, the ‘Anonymous’ hacktivist group were brought to light through their expose on the Church of Scientology via leaking a YouTube video involving the indoctrination of celebrity Tom Cruise. Following requests by the executives at the Church of Scientology for the video to be taken down, Anonymous continued to proceed with a Distributed Denial of Service (DDOS) attack that brought down the Church’s website.

  1. The Nation-state

State/nation sponsored hackers are appointed by a country’s government to gain access to another nation’s computer systems. Their cybersecurity skills are typically used for acts of espionage or terrorism such as stealing confidential information in efforts to cause chaos and disrupt services, but can also be used for counterintelligence to monitor threats and terrorist activity. Threats may also include preparation for war or attacks on infrastructure, tampering with elections or encouraging social unrest, as well as general monitoring of populations without consent. These types of hackers are usually employed solely by government agencies for the purpose of inflicting harm, spying, stealing wealth and information, and spreading disinformation, but may also be backed by wealthy “dark states” who are puppet masters with control or power in mind.

Stuxnet, which took down hundreds of Iranian centrifuges, is the poster child for cyberwarfare. North Korea’s 2014 hack into Sony Pictures site in retaliation for a movie the country’s propaganda machine found offensive is equally notorious. These are just some of the big stories. Nation-state hacking happens all the time, mostly quietly, and it’s only growing and becoming the new face of terrorism and counterintelligence. The attacking nation certainly won’t do anything to prevent bad actors working within their borders or punish the hackers because they are soldiers doing their job to further that country’s objectives.

  1. Cryptojackers: Cryptocurrency Mining Hackers

Cryptojackers are known to exploit network vulnerabilities and steal computer resources as a way to mine for cryptocurrencies. They spread malware in a variety of ways, often by planting infectious viruses across the web. These viruses and ransomware-like tactics are used to plant malicious code on victims’ systems, which work quietly in the background without the victims’ knowledge. Once the code is planted, it sends the results back to the hacker.

Cryptojacking allows crypto minors to steal valuable “compute” resources that the minors couldn’t afford themselves, such as bulk electricity and processing power from the hacked victim’s servers. Cryptojackers profit from mining cryptocurrency, but often can’t pay for these resources so they find ways to steal it. Many legitimate employees have been fired for distributing unauthorized mining software across company computers.

  1. Malicious insider or Whistleblower

These types of hackers include individuals working in an organization who can expose confidential information. The intent behind the exposure might be a personal grudge against the organization, or the individual might have come across illegal  or unethical business activities within the organization of which they disapprove. The reason for exposure defines the intent behind the exposure. These individuals are known as whistleblowers.

Monitoring Remote Sessions

With more employees working from home, companies are seeking ways of monitoring remote sessions. One compelling case can be made for recording remote sessions for later playback and review. Employers are concerned that in the event of a security breach, they won’t be able to see what was happening on users’ desktops when the breach occurred. Another reason for recording remote sessions is to maintain compliance, as required for medical and financial institutions or auditing for business protocols, etc.

TSFactory’s RecordTS v6 will record Windows remote sessions reliably and securely for RDS, Citrix and VMware systems. Scalable from small offices with one server to enterprise networks with tens of thousands of desktops and servers, RecordTS integrates seamlessly with the native environment.

Click here to learn more about secure remote session recording.